News

The Hacker News1d
PyPI, npm, and AI Tools Exploited in Malware Surge Targeting DevOps and Cloud Environments
Malware-laced PyPI and npm packages steal developer credentials, CI/CD data, and crypto wallets. Attacks target macOS, AI ...
CSO Online1d
‘Grafana Ghost’ XSS flaw exposes 47,000 servers to account takeover
The vulnerability enables attackers to load malicious plugins, hijack sessions, and create administrative accounts on ...
The Hacker News2d
Over 269,000 Websites Infected with JSFireTruck JavaScript Malware in One Month
Unit 42 said its telemetry uncovered 269,552 web pages that have been infected with JavaScript code using the JSFireTruck ...
Over 46,000 Grafana instances exposed to account takeover bug
More than 46,000 internet-facing Grafana instances remain unpatched and exposed to a client-side open redirect vulnerability ...